The Most Important Cybersecurity Step to Implement This Year
Cybersecurity can be overwhelming, but some decisions are easy.
- By Nate Austin
- May 9, 2022
In the past few years, we’ve seen the cybersecurity threat landscape explode in complexity. Antivirus software and a spam filter are no longer enough to keep your team secure. Cybersecurity has changed drastically, and those new changes are creating a lot of noise. Often, though, the shiny “nice-to-have” solutions distract organizations from the less flashy “need-to-have” ones. It’s like buying a car with a top safety rating but not wearing a seat belt -- the other stuff is important but there’s a basic, crucial step you should take first.
It’s the same thing with your cybersecurity. Passwords are both the first line of a company’s defense and often its weakest link. Without safeguards such as multi-factor authentication (MFA), passwords are far and away the most glaring threat to your organization’s security, not some complicated backdoor exploit.
In our experience, passwords are prone to user error and difficult to regulate properly. Even complex passwords can be easily bypassed, especially if they’ve been part of a prior security breach. The point is, if a bad actor wants to get into your network, they will target your users’ passwords first -- and very often, they’ll succeed.
MFA Exponentially Increases Password Security for Very Little Effort
MFA completely changes the password game. Instead of a simple string of text, MFA also requires an additional proof of identity to gain access to an account. Some examples include a PIN sent to your phone, a fingerprint scan, or a mobile authentication app. MFA makes most forms of login credential attacks exponentially harder. In many cases, there’s a 99 percent improvement in your team’s security ... all by adding just a single additional click!
There’s really no good reason to ignore MFA. Passwords are so exposed -- and so crucial to identity access management -- that MFA is now a must-have. In fact, MFA is now required by both cyber-insurance providers and multiple compliance standards for government, medical, and manufacturing work. Unless a business employs MFA, renewing cyber-insurance coverage or getting new coverage is often next to impossible these days. It used to be a nice bonus, but now it’s a minimum requirement.
Further Security Improvements That Can Benefit Any Organization
In addition to implementing MFA, here are some additional security strategies that my Mytech co-founders and I encourage businesses to implement in 2022:
- Obtain cyber-liability insurance. The cost of a ransomware attack is staggering. Between the ransom itself and the downtime required to restore your network, it’s enough to close many businesses down for good. Cyber-liability insurance provides a safety net that can protect your organization when all other security measures fail.
- Engage a proactive information security assessment. You can’t protect what you don’t know about. A certified information systems audit can expose those threats or vulnerabilities before they become a problem. It’s an additional security layer that can give your organization a coherent plan for building your defenses, starting with the most significant vulnerabilities. This is such an important component that Mytech Partners is automatically deploying it on behalf of our clients.
- Define your incident response plan. Companies should be prepared ahead of time to successfully combat cyberthreats. Create security policies and response procedures that can hold your team and your providers accountable -- as well as fulfill any cyber-insurance requirements. In the midst of a breach, you want to be executing a developed plan, not wasting valuable time trying to build your response plan from scratch.
Cybersecurity threats are only becoming more sophisticated, but there are practical first steps that every organization can take to exponentially improve its cyberdefenses, such as multi-factor authentication. For the more complex threats and vulnerabilities, a trusted IT partner is the best resource you can have.
Nate Austin is an author, international speaker, coach, and co-founder of Mytech Partners, a strategic IT consulting and managed services provider in Colorado and Minnesota that has been making IT easy for clients for over 20 years. You can contact the author via email.